Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10-08-2024 21:38

General

  • Target

    87c546ddba0607b2543381afb9f1d52d_JaffaCakes118.exe

  • Size

    16KB

  • MD5

    87c546ddba0607b2543381afb9f1d52d

  • SHA1

    e1ada5357655faeb8644e42289fcd2b0d3ac1a0d

  • SHA256

    1fc854fd49e319f8e87ece6ba2b8d231e7bf71efffae6f3a8b7df36868dd750c

  • SHA512

    efb39f366cdcc9578c756ae1bc9519c4ba19dff8be0f0542a7a58c913365fc26b1b108ee035b02fd302849ce26c2ffc8cd4ebfe818eb9870b3dddbcae40901c7

  • SSDEEP

    96:qTwlaXuOxPt3EIh4+C7VSxKgKk0lWMICQw+x6ahavdE24D7ewbno:qVXP7wsx+k0lWMI1hhP0

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\87c546ddba0607b2543381afb9f1d52d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\87c546ddba0607b2543381afb9f1d52d_JaffaCakes118.exe"
    • Adds Run key to start application
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2936

Network

MITRE ATT&CK Enterprise v15
